KBouncer takes out BlueHat prize

Powered by SC Magazine
 

PhD grad wins Microsoft defensive tech competition.

Vasilis Pappas has been named as the first winner of Microsoft's BlueHat prize, awarded for the development of a new, innovative computer security defence technology.

Pappas won with his ‘kBouncer', an exploit mitigation technology that detects abnormal control transfers using the last branch recording feature of Intel processors to mitigate return-oriented programming (ROP).

ROP is an advanced technique that attackers use to combine short pieces of benign code, already present in a system, for a malicious purpose. Microsoft said that as it uses supported hardware features, kBouncer can be implemented with lower cost to performance and development time.

This technique was defended against in the winning and two runners-up technologies. The first runner-up was Ivan Fratric, who created ROPGuard, and the surprise second was Jared DeMott for /ROP.

Mike Reavey, senior director of the Microsoft security response center, said: “A year ago we posed a challenge to the researcher community and asked them to shift their focus from solely identifying and reporting individual vulnerabilities to investing in new lines of defensive research that could mitigate entire classes of attacks.

“It's with great pleasure that we congratulate the winner of our inaugural BlueHat prize contest for his submission of a novel defensive technology that advances the challenging issue of exploit mitigation of some of the most popular attack techniques we're seeing today.”

Matt Thomlinson, general manager of the Microsoft Trustworthy Computing group, said that it has integrated some of the finalists' technologies into its Enhanced Mitigation Experience Toolkit (EMET) 3.5 technology preview.

Dave Forstrom, Microsoft Trustworthy Computing director, said: “It's great to see an initiative to collaborate and share innovations [from] a year ago evolve into prototypes with one now available this quickly as a new freely available computer security tool. Even in an enterprise that is fully updated against known vulnerabilities, EMET provides defences that protect assets from the yet unknown threats. EMET can easily be used on home machines to protect against known, and unknown, vulnerabilities.”

Pappas is currently a PhD student at Columbia University in New York, and collected a $200,000 prize. Fratric was awarded $50,000 for his submission, while DeMott won $10,000 for his entry.

The BlueHat contest was announced at the 2011 Black Hat conference in Las Vegas and was designed to challenge the security community to look beyond the norm of problems such as vulnerabilities and instead focus on developing innovative solutions to pressing security challenges.

A panel of Microsoft security engineers judged the submissions based on: practicality and functionality; robustness; and impact. However security firm Subreption criticised the contest, saying that entrants would be selling themselves short, as Microsoft would own the intellectual property of the entry.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition


KBouncer takes out BlueHat prize
 
 
 
Top Stories
Tech SWAT teams kicking down the digital door
From dam engineers in Ecuador to Sydney light-rail gurus, Cardno's global CIO Karen Wagner is linking up her widespread organisation.
 
Brandis hits telcos with new security reforms
Civil penalties for those who don't comply.
 
When does an insurance company turn into a software vendor?
The lines are blurring for ASX-listed Cover-More Group.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
New Microsoft Office apps for Android phones
Jun 26, 2015
Microsoft's latest Office apps for Android now work on phones as well as tablets, further ...
Windows 10 UK price revealed, but don't believe everything you hear
Jun 26, 2015
Windows 10 £99 price tag for users in the UK (who presumably don't already have Win 7 Pro ...
Now Xero notifies iOS users of new transactions
Jun 24, 2015
The latest version of Xero's iPhone app includes notifications when new transactions arrive from ...
Your Essential Cloud Toolbox
Jun 22, 2015
When BIT interviewed Receipt Bank country manager Sophie Hossack, we asked for her thoughts on ...
Toshiba laptops to get “Cortana button” ahead of Windows 10 launch
Jun 19, 2015
Toshiba introduces 12 new laptops, all aimed at getting the most out of Microsoft's digital ...
Latest Comments
Polls
Is site blocking effective in stopping piracy?


   |   View results
Yes
  2%
 
No
  86%
 
Somewhat
  12%
TOTAL VOTES: 507

Vote